Travelling like a Sir - English Version

Today I want to share with you a little article about QR codes. Maybe you saw this kind of codes before in some advertisements in the street, festival tickets, train passes or even flight tickets.
Some companies use this images to save information of their own clients, make redirections to websites and give access to restricted areas.
The problem this code has is that always the content is in plain text, like for example: boarding passes of airlines.
We are going to see the content of that QR and how generate our own fake boarding pass with a seat in Business Class (something quite interesting, because with some airline companies we will be able to get access to V.I.P. areas in airports).
Ok, ok, I know this is not new and another person has talked about it in Def Con 24 in 2016 and a lot of people have been talking about it since 2003, but you know… The problem has still not been resolved and I wanted to explain it a little bit more.
First, we are going to review which kind of codes the companies use to generate the boarding passes: PDF417 and Aztec. The first one commonly used by printed versions, the second one is more common in phone application:

Once we have the scanner, we will be able to scan as much boarding passes as we find in Instagram, Google, FB, etc. to see the content and structure of them.

For the Proof of Content, I have analysed the next boarding pass:

We can see that the boarding pass is in Spanish, but do not worry is just another awesome language you should learn if you want to retire with your pension in a warm country.
Anyway, inside of the QR we will see the next information.

was fascinated by the security block, but many companies still thinking they do not need it. Some of the companies have learned the lesson and they have started to sign with a PKI (public key infrastructure) as it is more secure.
With the table in a hand and a pint of Guinness in another, let us start to analyse the data that is more interesting to change.

Obviously, not all the scanners and systems where we have to pass through the airport are the same. This is something you have to investigate by yourself and we do not have interest in that if you do not want to end in jail. Thread lightly at use of this knowledge as I may lead to prosecution, I will not be held accountable of your use of this.

I am so sorry to tell you that I couldn’t made a real proof of concept in the airport where I had been, because would be illegal… but a friend of a friend ^^ has told me that food and champagne in the V.I.P. areas of the airports are overrated.